1. Turn on 2FA when you login

When you login, you have to put in your usual password, which typically doesn’t change very often, plus an additional login code, which is different every time.

These one-time login codes are typically sent to you via SMS (text message) or voicemail, or calculated by a secure app that runs on your mobile phone.

It’s not a perfect solution, but it does make it much harder for a crook who has just bought stolen usernames and passwords on the Dark Web: your password alone isn’t enough to raid your account.

Most mainstream online services already have 2FA, but it’s typically not turned on by default, because a lot of us still don’t like it – logging in takes a little longer, it’s marginally more hassle, and there’s more to go wrong.

So we’re suggesting that social networks should up the ante and try using a stick and not a carrot:

We’re inviting all social networks to make 2FA an opt-out setting that will be just about as much hassle to turn off as it would be to start using it instead.

2. Behave yourself while you’re logged in

Even those of us with modest lives and mild pastimes have experienced disquieting behaviour online.

We often hear cries along the lines of, “They should do something about it,” based on an expectation that social networking sites can and should police their users, monitor their behaviour and corral it to conform to various norms.

However, we think it’s unreasonable to expect online services themselves to become so self-regulated that they end up as suppressed, uninventive, stuck-in-the-mud, uncritical, self-serving, anodyne communities of, well, of participants who are robotically in tune with the algorithms that direct them.

Nevertheless, we’ve probably all heard stories of, or even experienced, battles to get content taken down even though everyone would agree it violated the terms set by the site involved.

Sometimes, the explanation given is that the sheer scale of today’s online services – hundreds of millions or billions of users – makes reliably rapid response impossible for any incident that requires a truly human touch.

But we’re saying that this is a cop-out: the big social networks chose to expand to the scale they did, so they could equally well choose to scale up their community support infrastructure, too.

We think that reacting to realistic complaints rapidly is something users ought to be able to rely upon:

We’re inviting all social networks not only to set out their community guidelines very clearly but also to enforce them quickly and effectively.

You don’t need page after page of rules and regulations, but you do need to be speedily consistent about the rules you do have, so your users can avoid unpleasant surprises.

3. Log off when you’re done

Mark is urging us all to log off when we aren’t using services like Facebook, Twitter and others, so that we can’t like things by mistake, don’t leave our accounts open for misuse, and don’t end up with all aspects of our digital life “open for business” all the time.

One problem here, though, is that even if you decide you want to log out and back in regularly, it’s not always easy to do, especially via mobile apps.

For example, we can’t find an “automatically log out when closing the program” option in Facebook’s iOS app – we have to remember to pop up the hamburger menu every time, and then scroll all the way to the end of the list and tap on [Log Out].

We understand the concept of frictionlessness – where interacting with a vendor or service is engineered to require a convenient minimum of clicks – but it should be equally convenient to introduce “account friction” whenever we want:

We’re inviting all social networks to make it really easy to set up your account to log off automatically when it’s not being used.

We’re also suggesting that all those “stay logged in” and “remember me” options should be opt-in (i.e. off by default), rather than turned back on automatically every time you log back in.

Next steps

Here, we’ve invited social networking sites to push the envelope a bit – your envelope, as it happens.

All of the things we’re suggesting here need to be mirrored by behaviours you agree to adopt yourself…